PT-2007-1170 · Gnu+1 · Gimp+1

Sean Larsson

Published

2007-07-10

Updated

2022-02-07

CVE-2006-4519

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: GIMP versions prior to 2.2.16

Description: The issue is related to multiple integer overflows in the image loader plug-ins, which can be exploited by user-assisted remote attackers to execute arbitrary code. This can be achieved through crafted length values in various file types, including DICOM, PNM, PSD, PSP, Sun RAS, XBM, and XWD files.

Recommendations: For versions prior to 2.2.16, update to version 2.2.16 or later to resolve the issue.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2006-4519

DSA-1335-1

RHSA-2007:0513

RHSA-2007_0513

Affected Products

Gimp

Red Hat

PT-2007-1170 · Gnu+1 · Gimp+1

CVE-2006-4519

Weakness Enumeration

Related Identifiers

Affected Products

References · 35